MSIS- Exam 1 (Questions & Answers) Rated 100% Correct!!

Compare open-source software to licensed software in terms of how each is used and supported. - Open-source software is software that is distributed, typically for free, with the source code also available so that it can be studied, changed, and improved by its users. Define the primary intent and two key elements of an effective code of ethics. - to define desired behavior The first outlines what the organization aspires to become, and the second typically lists rules and principles by which members of the organization are expected to abide Define the term attack vector - gain unauthorized access to a device or a network and to initiate a cyberattack Define the term computer forensics - a discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices in a manner that preserves the integrity of the data gathered so that it is admissible as evidence in a court of law. Describe five actions an organization must take in response to a successful cyberattack - authentication methods, firewall, routers, encryption, and proxy server and virtual private networks Describe four fundamental information system types based on their sphere of influence - Personal information system: Improves productivity of individual users in performing stand-alone tasks Workgroup information system: Enables people to work together effectively Enterprise information system: Facilitates organization-wide business needs Interorganizational IS:Enables the sharing of information across organizational boundaries Describe how each of the three primary classes of computers is used within an organization. - Describe the functions of the four fundamental hardware components of every computer. - bus, main memory, CPU, and input/output devices Describe the impact of censorship on the operation of Internet service providers. - is the control or suppression of the publishing or accessing of information on the Internet Describe the role of a managed security service provider - For example, members of the finance department should have different authorizations from members of the human resources department. Describe the role of the operating system. - is a set of programs that controls a computer's hardware and acts as an interface with application software Discuss how the CIA security triad can be implemented at the organizational, network, application, and end user levels to safeguard against cyberattacks - a layered security solution makes cyberattacks so difficult that an attacker eventually gives up or is detected before much harm is inflicted Discuss how the First Amendment and anonymous expression safeguard our freedom of speech. - first amendment protects Americans' rights to freedom of religion, freedom of expression, and freedom to assemble peaceably and anonymous expression is the expression of opinions by people who do not reveal their identity Discuss how three U.S. federal statutes protect citizens from government surveillance while at the same time authorize the government to collect data. - Foreign Intelligence Surveillance Act (FISA): The act allows surveillance, without court order, within the United States for up to a year unless the "surveillance will acquire the contents of any communication to which a U.S. person is a party." USA PATRIOT Act:It increased the ability of law enforcement agencies to search telephone, email, medical, financial, and other records. USA FREEDOM Act: The bill authorizes the government to collect from the phone companies up to "two hops" of call records related to a target—provided the government can prove it has reasonable suspicion that the target is linked to a terrorist organization. Discuss the traditional and contemporary view of the role that information systems play in an organization's value chains - A traditional view of information systems holds that organizations use information systems to control and monitor processes and to ensure effectiveness and efficiency. A more contemporary view, however, holds that information systems are often so intimately involved that they are part of the process itself. Distinguish between a high-quality software system and safety-critical system. - high quality: are systems that are easy to learn and use because they perform quickly and efficiently; they meet their users' needs; and they operate safely and reliably so that system downtime is kept to a minimum safety critical: is one whose failure may cause human injury or death. The safe operation of many safety-critical systems relies on the performance of software. Explain the difference between ethical and legal - Legal acts conform to the law Ethical acts conform to what an individual believes to be the right thing to do Explain the difference between multiprocessing, parallel processing, and grid computing. - multiprocessing: involves the simultaneous execution of two or more instructions at the same time parallel processing: is the simultaneous execution of the same task on multiple processors to obtain results more quicklygrid computing: is the use of a collection of computers, often owned by multiple individuals or organizations, that work in a coordinated manner to solve a common problem Give an example of how application software is used in the personal, workgroup, and enterprise sphere of influence. - for example, will enable people to see 3D views of where they are, along with directions and 3D maps to where they would like to go Give three reasons why developing a safety-critical system takes longer and is more expensive. - Software developers working on a safety-critical system must be highly trained and experienced professionals who recognize that the software is only one component of the system, Extreme measures must be taken to identify and remove software defects from safety-critical systems starting at the very earliest stages of software development, A great deal of effort must be put into identifying what can go wrong, the likelihood and consequences of such occurrences, and how these risks can be averted, mitigated, or detected so the users can be warned.